package com.egao.common.core.security;

import cn.hutool.core.date.DatePattern;
import cn.hutool.core.date.DateTime;
import cn.hutool.core.date.DateUtil;
import cn.hutool.core.util.StrUtil;
import com.alibaba.fastjson.JSON;
import com.egao.common.core.web.JsonResult;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.ServletRequestBindingException;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.context.request.ServletWebRequest;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Date;

/**
 * 登录验证码验证
 * @author lym
 * @date 2023/11/1 9:41
 */
@Component
public class ValidateCodeFilter extends OncePerRequestFilter {

    @Autowired
    private StringRedisTemplate redisTemplate;

    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain)
            throws ServletException, IOException {

        if (StrUtil.equalsIgnoreCase("/api/login", httpServletRequest.getRequestURI())
                && StrUtil.equalsIgnoreCase(httpServletRequest.getMethod(), "post")) {
            try {
//                validateCode(new ServletWebRequest(httpServletRequest));
            } catch (ValidateCodeException e) {
                httpServletResponse.setContentType("application/json;charset=UTF-8");
                PrintWriter out = httpServletResponse.getWriter();
                out.write(JSON.toJSONString(JsonResult.error(e.getMessage())));
                out.flush();
                return;
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private void validateCode(ServletWebRequest servletWebRequest) throws ServletRequestBindingException {
        String code = ServletRequestUtils.getStringParameter(servletWebRequest.getRequest(), "code");
        String codeKey = ServletRequestUtils.getStringParameter(servletWebRequest.getRequest(), "codeKey");

        if (StrUtil.isBlank(code)) {
            throw new ValidateCodeException("验证码为空");
        }

        if (StrUtil.isBlank(codeKey)) {
            throw new ValidateCodeException("验证码为空!");
        }

        String today = DatePattern.PURE_DATE_FORMAT.format(new DateTime());
        if (Boolean.FALSE.equals(redisTemplate.hasKey(today + codeKey))) {
            throw new ValidateCodeException("验证码已过期");
        }

        String redisCode = redisTemplate.opsForValue().get(today + codeKey);
        if (!code.equalsIgnoreCase(redisCode)) {
            throw new ValidateCodeException("验证码不正确");
        }

        redisTemplate.delete(codeKey);
    }
}
